I would think that simple devices are easier to secure. They don't have the same horsepower available for encryption/decryption, but they have far fewer vulnerable spots than a complex system. I doubt that anyone knows how many points and methods of potential entry there are for a typical PC.
A blue tooth device may have only one point of entry and only one protocol to defend. If the 8-bit MCUs don't have enough power to be secure, even at that level, maybe the low-cost 32 bits will be able to make greater inroads by meeting that requirement.